Baseline and Review Repository Secret Findings with detect-secrets
Scan a repository for secrets, keep an auditable baseline, and review only newly introduced findings during commits or CI checks.
What it does
Scan a repository for secrets, keep an auditable baseline, and review only newly introduced findings during commits or CI checks.
Prerequisites
Python, detect-secrets CLI, git repository
Installation
Use the upstream install or setup path that matches your environment:
- $ pip install detect-secrets
- $ brew install detect-secrets
- $ pip install detect-secrets[word_list]
- $ pip install detect-secrets[gibberish]
Requirements and caveats from upstream:
- python
- Specify path to custom filter. May be a python module
- is great for non-structured secrets, but may require tuning to adjust the scanning precision.
Basic usage or getting-started notes:
- Create a baseline of potential secrets currently found in your git repository:
  $ detect-secrets scan > .secrets.baseline
Extracted from upstream docs: https://raw.githubusercontent.com/Yelp/detect-secrets/HEAD/README.md
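An added example (not code from the upstream project or from this listing) of what "review only newly introduced findings" amounts to: compare a fresh scan with the committed baseline, matching on file, detector type and secret hash rather than line number, so a secret that merely moved is not reported again. The two scans below are constructed sample data, and the `results` layout with `type`, `hashed_secret` and `line_number` fields is an assumption about the baseline file format.

```python
# Constructed sample scans (assumed baseline layout; hashes are made up).
BASELINE = {"results": {
    "config/settings.py": [
        {"type": "Secret Keyword", "hashed_secret": "aaaa1111", "line_number": 12},
    ],
    "deploy/run.sh": [
        {"type": "Base64 High Entropy String", "hashed_secret": "bbbb2222", "line_number": 4},
    ],
}}
CURRENT = {"results": {
    "config/settings.py": [
        # Same secret as in the baseline, shifted down by unrelated edits.
        {"type": "Secret Keyword", "hashed_secret": "aaaa1111", "line_number": 15},
        {"type": "AWS Access Key", "hashed_secret": "cccc3333", "line_number": 30},
    ],
    # A known secret copied into another file is still a new finding.
    "tests/fixtures.py": [
        {"type": "Secret Keyword", "hashed_secret": "aaaa1111", "line_number": 3},
    ],
}}

def finding_keys(scan):
    """Identity of a finding: (file, detector type, secret hash), not its line."""
    return {
        (filename, f["type"], f["hashed_secret"])
        for filename, findings in scan.get("results", {}).items()
        for f in findings
    }

def new_findings(baseline, current):
    """Findings in `current` that the baseline does not already record."""
    known = finding_keys(baseline)
    return [
        (filename, f["line_number"], f["type"])
        for filename, findings in sorted(current.get("results", {}).items())
        for f in findings
        if (filename, f["type"], f["hashed_secret"]) not in known
    ]

def resolved_findings(baseline, current):
    """Baseline entries that no longer appear, so the baseline can be pruned."""
    return sorted(finding_keys(baseline) - finding_keys(current))

if __name__ == "__main__":
    fresh = new_findings(BASELINE, CURRENT)
    for filename, line, kind in fresh:
        print(f"NEW  {filename}:{line}  {kind}")
    # A non-zero exit fails the commit hook or CI job when anything is new.
    raise SystemExit(1 if fresh else 0)
```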
Quality
deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,224 chars)